What We Do

The U.S. is the largest Cyber target in the world with more identified attacks than the next dozen countries combined. Year-over-year Advanced Persistent Threat (APT) activity targeting critical government infrastructure is growing in number and sophistication. Active Security Monitoring is our analytical and reporting activity tailored around compliance controls, and is designed to evaluate our customer’s current security posture against the evolving cyber threat landscape. We have highly automated and streamlined processes for the evaluation of billions of events per day, and the capacity to active monitor globally deployed assets for attacks…even when they come in the form of a zero-day attacks.

Information is power. Our Computer Network Operations (CNO) services and product solutions significantly increase the Department of Defense’s ability to impact friendly and enemy decision making. With more than 20 years experience, we work closely with our customers to enable Computer Network Attack (CNA), Computer Network Defense (CND) and Computer Network Exploitation (CNE) operations.

Defense, intelligence and government networks are under a constant state of attack. As we develop increasingly complex systems, the security issues associated with these systems are becoming just as complex. Our cyber engineering teams work with customers throughout the government to address security and survivability issues throughout the software development lifecycle. In particular, we provide systems/software engineering and exploitation, software development, operational test and evaluation for cyber capabilities and 24/7/365 network security monitoring and analysis.

With a tremendous depth of experience in Test and Evaluation (T&E), we have conducted Cyber capabilities Operational Test and Evaluation (OT&E) for Air Force organizations since 2003. We are experts in all aspects of OT&E activities required by AFI 99-103 and have planned, conducted, analyzed and reported OT&E activities including Operational Assessments (OA), Operational Utility Evaluations (OUE), Force Development Evaluations (FDE), Initial and Final Operational T&E (IOT&E/FOT&E) and Tactics Development and Evaluation (TD&E).

Cyber Threat Fusion is the timely collection and processing of Open, Closed and Classified information used for strategic and tactical risk mitigation decision making. Risk identification and management are achieved through the observation, detection, and mitigation of attacks and exploitation against our customer’s critical assets. We are experts in the collection, aggregation, correlation, and interpretation of cyber threat Tactics, Techniques and Procedures (TTPs) for the establishment and maintenance of proactive Network
Defense programs.

Because wireless networks do not require a wire between a device and the internet connection, it is possible for attackers who are within range to hijack or intercept an unprotected connection. We have extensive experience in preventing unauthorized access to wireless environments and harden against threats. Specifically, our teams designed and developed software that works with all types of traffic, including TCP/IP, 802.11 and Voice over IP. In addition, our Software Defined Radio system is capable of tuning and demodulating signals across frequency bands, protocols and standards.

Forensics and Reverse Engineering is the identification, acquisition, recording and analysis of indicators used to quantify risks and discover the true source of a security attack. We are experts at vulnerability identification through static and dynamic analysis, bypassing hardware and software security controls, co-opting adversary exploit tools, and quantifying zero-day capabilities. We develop state-of-the-art analysis and system forensic tools to monitor, recover and analyze host and in-transit data for investigation, intrusion detection and service restoral.

MacB’s Enlighten IT Group (EITG) developed its proprietary Rapid Analytic Deployment and Management Framework (RADMF) for the key analytic components of the Big Data Platform (BDP). RADMF deploys within minutes and eliminates hardware, power, space, cooling and sustainability requirements and utilizes Amazon Web Services (AWS), the very first cloud service provider (CSP) to achieve a U.S. Department of Defense (DoD) Security Level 3-5 Authorization.

The amount of Big Data present in today’s virtual systems can be overwhelming. EITG supplies solutions to help customers ingest, maintain, and store massive amounts of data. Our team has designed, operated, and sustained multi-petabyte network clusters, and for many of our mission partners, we support analysis and reporting functions for multi-terabytes of data per day.

Globalization of the technology supply chain has changed the way the Department of Defense (DoD) approaches the trustworthiness of complex critical systems. In the past, much of this trust was based on the fact that critical systems and their components were designed and manufactured within the U.S. by cleared personnel. Systems were also simpler with less reliance on multi–function integrated circuits. But times have changed. The use of integrated circuit technology across the world has increased dramatically, and the market for critical integrated circuit technologies such as Application Specific Integrated Circuits (ASICs) and field-programmable gate arrays (FPGAs) is no longer dominated by DoD.

Due to this market evolution, DoD neither controls production nor drives the requirements of leading-edge devices. Even in situations wherein production can be controlled, such as through the use of the DoD Trusted Foundry, modern integrated circuit designs are so complex that they are typically composed of third–party intellectual property (3PIP) circuit cores of unknown provenance. They are often designed, synthesized, and validated by electronic design automation (EDA) software developed overseas. In addition, the components are often integrated onto printed circuit boards (PCBs) for commercial-off-the-shelf (COTS) electronics at overseas manufacturing facilities, prior to entering the U.S. market. Thus, even with ostensibly trusted processes of production, DoD systems and their software, firmware and hardware components are susceptible to counterfeiting and malicious tampering.

The MacB approach to supply chain security includes a comprehensive assessment of the system and its subcomponents throughout their lifecycle. We have a well-established history of providing support for security, cyber threat, integrity, and vulnerability analysis, as engineering services to our government customers. MacB is accredited by Defense Microelectronics Activity (DMEA) for Category 1A Design Services in the Trusted Integrated Circuit (IC) Supplier Program. Our subject matter experts help deter, detect, delay or react to the compromise of these systems. As an independent evaluator, we can work with the developers, system integrators, and operators to verify that the development, manufacture, and deployment of the system has properly identified and protected the mission-critical functions and critical components.